What is the NIST-approved way of getting random numbers?
NIST SP 800-90B mentions how the HWRNG should preform, testing, validation, access to raw and post-processed (optional) data, etc.
But doesn't mention specifically what sources are valid.
- Does mashing on the keyboard collecting nanosecond-precise key press times work?
- What about rolling dice or flipping coins?
- USB HWRNGs?
- Video cameras, microphones, RTL-SDR, etc.?
What's a valid source and what isn't?
https://csrc.nist.gov/pubs/sp/800/90/b/final
Aaron Toponce ⚛️:debian: /
npub1t9…t8529
2024-07-30 22:38:38
Author Public Key
npub1t9cz9v7zph5jvadd8rjfp25msrx6r0hdxnsyfmx88k8qp3pvv04szt8529Published at
2024-07-30 22:38:38Event JSON
{
"id": "00a45f6e3fcd8836b049c1ba79c4496359b74eb61742e35be658bb5068075fd3",
"pubkey": "597022b3c20de92675ad38e490aa9b80cda1beed34e044ecc73d8e00c42c63eb",
"created_at": 1722379118,
"kind": 1,
"tags": [
[
"proxy",
"https://fosstodon.org/@atoponce/112877837938815706",
"web"
],
[
"proxy",
"https://fosstodon.org/users/atoponce/statuses/112877837938815706",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://fosstodon.org/users/atoponce/statuses/112877837938815706",
"pink.momostr"
],
[
"-"
]
],
"content": "What is the NIST-approved way of getting random numbers?\n\nNIST SP 800-90B mentions how the HWRNG should preform, testing, validation, access to raw and post-processed (optional) data, etc.\n\nBut doesn't mention specifically what sources are valid.\n\n- Does mashing on the keyboard collecting nanosecond-precise key press times work?\n- What about rolling dice or flipping coins?\n- USB HWRNGs?\n- Video cameras, microphones, RTL-SDR, etc.?\n\nWhat's a valid source and what isn't?\n\nhttps://csrc.nist.gov/pubs/sp/800/90/b/final",
"sig": "cb2488b75fea6f668bd98ce1ba5b1998a74ea37972becd5e9ef17987c1df79fd6efa1a245dd65dab91803348d60ee8940185a13b686415d64806c76df2214340"
}